encoding/pem: don't reslice in failure modes

We re-slice the data being processed at the stat of each loop. If the
var that we use to calculate where to re-slice is < 0 or > the length
of the remaining data, return instead of attempting to re-slice.

Change-Id: I1d6c2b6c596feedeea8feeaace370ea73ba02c4c
Reviewed-on: https://go-review.googlesource.com/c/go/+/715260
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>

diff --git a/src/encoding/pem/pem.go b/src/encoding/pem/pem.go
index 1da60d3227dc1108fd7d56f70b654919acbbe030..6bf2b41ad0eb7faf0df50b09f02e8b0761447d68 100644 (file)
--- a/src/encoding/pem/pem.go
+++ b/src/encoding/pem/pem.go
@@ -95,6 +95,9 @@ func Decode(data []byte) (p *Block, rest []byte) {
        for {
                // If we've already tried parsing a block, skip past the END we already
                // saw.
+               if endTrailerIndex < 0 || endTrailerIndex > len(rest) {
+                       return nil, data
+               }
                rest = rest[endTrailerIndex:]
 
                // Find the first END line, and then find the last BEGIN line before